But while this perimeter-based approach secures the communication, it doesn't protect against attacks that hack remote employees and use their secure connections. Once inside, hackers can move between workloads in the data center with few controls to block propagation, according to VMware.

VMware contends it can solve this problem in a way that's easier to manage than VLANs through what the company calls network micro-segmentation in the data center. That means that at the network level users can only access their own resources from a smartphone or tablet, limiting what they as well an enterprising hacker can do.

The segmentation also makes it easier to keep track of what applications and resources users actually have access to, according to Noah Wasmer, vice president of end-user computing strategy at VMware.

The NSX platform is used to configure the microsegments using network virtualization. The purported advantages with network virtualization are in many ways the same as with server virtualization, including making it easier for administrators to add and remove capacity.

Here NSX is combined with enterprise mobile management from VMware-owned AirWatch. This lets administrators create and manage application specific VPNs on Apple's iPhones and devices running the latest version of Android. Once created, the VPNs are connected with the user's microsegment.

"The user doesn't even see the tunnels being created, they just have to click on the app they want to use," Wasmer said.

For it to work enterprises need NSX version 6.1 and AirWatch 8.0, which are both shipping now. The combination will be demonstrated at the RSA Conference, which starts on April 20 in San Francisco.